2
Hi - Happy New Year!
I have a web-site which accepted paypal payment for membership. No-one's buying so I want to make it free. The page which inputs the member details into the database needs verification, and I want to bypass the verification, but I can't figure it out. Can anyone help. - I have pasted the script below.
Many thanks,
Jano
[php]
<? include("header.php"); ?>
<?
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
//check the payment_status is Completed
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
if (strcmp ($res, "VERIFIED") == 0) {
echo "Payment Sucessful"; } else { echo "Payment Unsucessful"; }
?>
</form>
<?
include("con1.php");
$sql = mysql_query ("select * from genel where language='$language'");
$sonuc = mysql_fetch_array($sql) ;
?><br>
<tr><td colspan="3">
Üyelik işleminiz tamamlanmıştır.
</td></TR><br>
<form action="kabul.php" method="post" name="kabul">
<tr><td align="left" valign="top" width="150"> <? echo $sonuc[bbh]; ?> </td><td align="left" valign="top" width="150"><input type="text" name="user"></td></tr>
<tr><td align="left" valign="top"> <? echo $sonuc[bbk]; ?> </td><td align="left" valign="top" width="150"><input type="text" name="email"></td></tr>
<tr><td align="center" colspan="2" valign="top"><br><input type="submit" name="subnmas" <? if($language=="Turkish") {?> value="Devam"<? }else { ?>value="Submit"<?}?>></td></tr>
</form>
<?
if ($subnmas){
include("con1.php");
$user="$HTTP_POST_VARS[user]";
$email="$HTTP_POST_VARS[email]";
$a=mysql_query("select * from uyeleryedek where username='$user' and email='$email'");
$kul_kontrol_et=mysql_num_rows($a);
if($kul_kontrol_et=="") {
echo "<SCRIPT>alert(\" Yazdığınız bilgilerle uyumlu kullanıcı bulanamadı. Lütfen tekrar deneyin. There is a problem. Please check your username has been entered correctly \");</SCRIPT>";
}else{
include("con1.php");
$sql = mysql_query ("select * from uyeleryedek where username='$user' and email='$email'");
$sonuc = mysql_fetch_array($sql) ;
include("con1.php");
mysql_query ("INSERT INTO uyeler (adsoyad, email, sirketadresi, sehirilce, ilce, vergidairesi, verginumarasi, telnum, faxnum, cepnum, dil, username, password, uyecesit, sure, baslamatarihi, bitistarihi,websayfasi ) VALUES ('$sonuc[adsoyad]', '$sonuc[email]', '$sonuc[sirketadresi]', '$sonuc[secilen]', '$sonuc[ilce]', '$sonuc[vergidairesi]', '$sonuc[verginumarasi]', '$sonuc[telnum]', '$sonuc[faxnum]', '$sonuc[cepnum]', '$sonuc[dil]', '$sonuc[username]', '$sonuc[password]', '$sonuc[uyecesit]','$sonuc[sure]','$sonuc[bugun]','$sonuc[bitis]','$sonuc[websayfasi]')");
echo "<SCRIPT>alert(\"İşleminiz başarıyla tamamlandı. / Your account succesfully. \");</SCRIPT>";
}
}
?>
<br>
<br>
Thank you for your payment.
<br><br>
Yaptiginiz odeme icin Tesekkur ederiz.
<br><br>
<? include("footer.php"); ?>[/php]
